An unchecked buffer exists in one of the functions that is used by the Windows shell to extract custom attribute information from audio files. This causes a security vulnerability because it is possible for a malicious user to mount a buffer-overrun attack and to try to exploit this flaw.